You cannot do it (safely) without a trip to the server, but you can do
it without a "roundtrip". Use the CustomValidator control, and write
the ClientValidation code in Javascript that will use the XMLHttpRequest
object to call a service on your web server. You would pass in the
password (preferably hashed) and it would return true or false if it is
a valid password. The service would do the check on the server side.
The javascript on the client side would get the result and set the
return value for the CustomValidator client side code.
CustomValidator tutorial:
http://samples.gotdotnet.com/quickst...c_custval.aspx
For more information on using XMLHttpRequest - search the web for AJAX
examples.
Joshua Flanagan
http://flimflan.com/blog